Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/NOF_pKoxrSIxjGzvfnC6FU4xebI.roa
File: NOF_pKoxrSIxjGzvfnC6FU4xebI.roa (raw, json)
Hash identifier: cCaEqGMvEFZ4hVbB4fbj7mxRu9d0lI+uPcL3mik3+hQ=
Subject key identifier: 34:E1:7F:A4:AA:31:AD:22:31:8C:6C:EF:7E:70:BA:15:4E:31:79:B2
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 0189F9CBFB5041D98C626092A79CDD489B23
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/NOF_pKoxrSIxjGzvfnC6FU4xebI.roa
Signing time: Tue 15 Aug 2023 15:24:02 +0000
ROA not before: Tue 15 Aug 2023 15:24:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 138.124.0.0/17 maxlen: 24
138.124.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f9:cb:fb:50:41:d9:8c:62:60:92:a7:9c:dd:48:9b:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Aug 15 15:24:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34e17fa4aa31ad22318c6cef7e70ba154e3179b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c3:5c:f3:a0:8f:34:fb:4f:04:f7:e1:79:7f:
7c:32:be:e5:cf:b3:bd:a8:4f:bd:6c:77:b6:bb:e1:
ec:86:f8:4f:40:61:f4:0e:e9:7f:83:28:2b:b4:c8:
fa:07:fd:2e:c5:c3:07:e1:b7:03:c4:e5:4e:37:2d:
43:e0:7e:2e:42:20:be:bf:87:05:85:49:e5:01:a7:
53:74:c1:28:9e:3b:2d:d4:62:51:e0:4d:ee:32:2c:
17:a8:06:4b:d1:f7:f5:43:bc:46:20:d3:34:b2:ac:
ae:de:00:24:b9:9e:45:29:33:8e:af:6b:ca:e9:26:
5c:f5:f8:54:ad:a7:03:14:05:cb:60:37:3d:e2:5c:
15:c0:4c:06:ae:e0:97:83:30:d0:ff:cf:2a:5b:3a:
03:1f:7b:d9:90:c1:17:36:0a:8c:86:f4:ff:42:b7:
c8:37:ad:3a:59:78:52:8c:3f:74:3a:07:10:1b:8a:
18:89:04:2c:96:18:89:f9:d0:11:f2:dc:7d:ad:a3:
df:27:10:11:b1:de:cc:50:7e:79:61:0a:36:63:77:
fe:7d:ba:2b:c6:ff:15:b4:34:9d:eb:be:25:53:dc:
67:47:66:e9:35:d1:84:a7:1e:d8:5e:d5:59:81:e1:
68:49:0f:cd:df:47:70:b2:08:62:6f:ec:80:f2:9f:
01:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E1:7F:A4:AA:31:AD:22:31:8C:6C:EF:7E:70:BA:15:4E:31:79:B2
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/NOF_pKoxrSIxjGzvfnC6FU4xebI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.0.0/17
138.124.245.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:70:7e:d2:d7:f5:3c:d9:65:ad:fa:1b:c5:ef:b8:bf:e4:a6:
a3:6b:c4:15:ec:c2:17:37:71:d0:a2:d3:71:69:75:cf:54:cd:
0f:d7:35:97:2a:2d:e0:93:ac:39:62:bc:29:79:db:18:43:e1:
72:dc:f7:ae:ad:68:62:c2:6a:6e:8f:0e:9c:23:ef:da:ca:83:
b4:4e:ce:f9:5d:b5:c1:fe:ed:06:b0:8e:6c:ee:b2:ca:53:4b:
1f:b1:01:74:fe:f9:c9:03:71:01:de:e7:ba:e4:b7:b4:2b:30:
2f:94:64:13:8e:aa:c8:9b:e5:17:3c:3b:17:b2:51:55:d8:d6:
60:de:e8:ef:5a:69:64:cc:cf:c8:bb:63:54:76:49:92:fa:6d:
2e:23:10:42:10:53:30:8b:4c:f2:a4:28:12:6c:02:78:c2:8b:
72:e8:94:3b:f4:ef:67:c2:43:8b:c1:11:0a:37:53:da:31:b1:
94:ad:a7:c1:65:dd:6c:d8:4c:0a:ef:9b:06:7d:2d:9a:20:b6:
ab:c3:1f:91:b1:a2:c2:4d:f9:3f:7f:be:a0:26:8a:fa:5b:49:
5b:58:ce:23:b6:00:63:2f:c5:60:59:78:13:b5:e6:cc:f7:e1:
35:d3:27:5d:51:65:49:22:46:c5:a7:d2:db:28:a2:8c:46:75:
83:a3:f7:9d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYn5y/tQQdmMYmCSp5zdSJsjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjMwODE1MTUyNDAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGUxN2ZhNGFhMzFhZDIyMzE4YzZjZWY3ZTcwYmExNTRlMzE3OWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsNc86CPNPtPBPfheX98Mr7lz7O9
qE+9bHe2u+HshvhPQGH0Dul/gygrtMj6B/0uxcMH4bcDxOVONy1D4H4uQiC+v4cF
hUnlAadTdMEonjst1GJR4E3uMiwXqAZL0ff1Q7xGINM0sqyu3gAkuZ5FKTOOr2vK
6SZc9fhUracDFAXLYDc94lwVwEwGruCXgzDQ/88qWzoDH3vZkMEXNgqMhvT/QrfI
N606WXhSjD90OgcQG4oYiQQslhiJ+dAR8tx9raPfJxARsd7MUH55YQo2Y3f+fbor
xv8VtDSd674lU9xnR2bpNdGEpx7YXtVZgeFoSQ/N30dwsghib+yA8p8BKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDThf6SqMa0iMYxs735wuhVOMXmyMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvTk9GX3BLb3hyU0l4akd6dmZuQzZGVTR4ZWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHinwAAwQA
inz1MA0GCSqGSIb3DQEBCwUAA4IBAQB9cH7S1/U82WWt+hvF77i/5Kaja8QV7MIX
N3HQotNxaXXPVM0P1zWXKi3gk6w5YrwpedsYQ+Fy3PeurWhiwmpujw6cI+/ayoO0
Ts75XbXB/u0GsI5s7rLKU0sfsQF0/vnJA3EB3ue65Le0KzAvlGQTjqrIm+UXPDsX
slFV2NZg3ujvWmlkzM/Iu2NUdkmS+m0uIxBCEFMwi0zypCgSbAJ4woty6JQ79O9n
wkOLwREKN1PaMbGUrafBZd1s2EwK75sGfS2aILarwx+RsaLCTfk/f76gJor6W0lb
WM4jtgBjL8VgWXgTtebM9+E10yddUWVJIkbFp9LbKKKMRnWDo/ed
-----END CERTIFICATE-----
Generated at Sun May 11 15:36:47 2025 by rpki-client